1)In the patch report template, which evaluation provides the most accurate patches that need to be installed?
(A)Superseded patch evaluation
(B)Latest patch evaluation
(C)QID based patch evaluation
(D)Classic patch evaluation - Correct answer (A) Superseded patch evaluation
2)Which scorecard report type allows you to identify hosts that are missing required patches and software?***
(A)Patch report
(B)Vulnerability scorecard report
(C)Missing software report
(D)Asset Search Report - Correct answer (A) Patch report
3)Which of the following scenarios can lead to gaps in the patch tree structure and break the patch supersedence logic? Select all that apply.
(A)Scan report with vulnerability search list or Threat Protection RTI filter
(B)Cloud Agent data collection followed by an authenticated scan
(C)Scan job with a custom vulnerability filter
(D)Unauthenticated scan
(E)Cloud Agent scan - Correct answer (A) Scan report with vulnerability search list or Threat
Protection RTI filter
4)(C) Scan job with a custom vulnerability filter
5)Identify the vulnerability types excluded by default in the VM/VMDR Dashboard. Select all that apply.***
(A)Fixed vulnerabilities
(B)Disabled or Ignored vulnerabilities
(C)Vulnerabilities without exploits
(D)Low severity vulnerabilities
(E)Vulnerabilities without patches - Correct answer (A) Fixed vulnerabilities
6)(B) Disabled or Ignored vulnerabilities
7)The ____________ vulnerability type is enabled by default in a new report template.
(A)Confirmed
(B)Potential
(C)Patched
(D)Information Gathered - Correct answer (B) Potential
P a g e 1 | 8 8)Stale asset and vulnerability data can affect your security risk and business risk calculations. ***
(A)False
(B)True - Correct answer (B) True
9)Adding non-Qualys user's email in the distribution group helps you distribute the scheduled report to such users. ***
(A)True
(B)False - Correct answer (A) True
10)When using host-based findings, which of these needs to be turned on to toggle the inclusion of Fixed vulnerabilities in the report?***
(A)Trending
11)(B)
12)(C)
13)(D) - Correct answer (A) Trending
14)Which finding type allows you to include trending data in your reports?***
(A)Scanner based findings
(B)San-based finding
(C)Cloud Agent-based findings
(D)Host-based findings - Correct answer (D) Host-based findings
15)Threat Protection RTIs are used in the___________ in VMDR to identify the potential impact of discovered vulnerabilities, as well as vulnerabilities that have known or existing threats. ***
(A)Prioritization report
(B)Remediation report
(C)Scorecard report
(D)Patch report - Correct answer (A) Prioritization report
16)Identify the factor from the following that does not affect the report generation process.***
(A)Number of detections
(B)Trending period
(C)Number of assets
(D)Number of graphics - Correct answer (D) Number of graphics
17)Dashboard trend graphs are not meant to be an audit-ready method of tracking data over time as
widget changes can wipe of previous trend data.***
(A)True
(B)False - Correct answer (A) True
P a g e 2 | 8